dcsimg

Data Accountability and Transparency Act of 2020 looks beyond consent

In the United States, data privacy is hard work—particularly for the American people. But one US Senator believes it shouldn’t have to be. In June, Democratic Senator Sherrod Brown of Ohio released a discussion draft of a new data privacy bill to improve Americans’ data privacy rights and their relationship with the countless companies that collect, store, and share their personal data. While … [Read more...]

Data privacy law updates eyed by Singapore

In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union General Data Protection Regulation, or GDPR, … [Read more...]

A week in security (February 3 – 9)

Last week on Malwarebytes Labs, we looked at Washington state’s latest efforts in providing better data privacy rights for their residents, and we dove into some of the many questions regarding fintech: What is it? How secure is it? And what are some of the problems in the space? We also detailed a new adware family that our researchers had been tracking since late last year and pushed out a … [Read more...]

Washington Privacy Act welcomed by corporate and nonprofit actors

The steady parade of US data privacy legislation continued last month in Washington with the introduction of an improved bill that would grant state residents the rights to access, control, delete, and port their data, as well as opting out of data sales. The bill, called the Washington Privacy Act, also improves upon its earlier 2019 version, providing stronger safeguards on the use of facial … [Read more...]

Online privacy in 2019: a legislative review

For decades, the United States treated data privacy like an aging home, patching individual leaks and drafts only when a new storm hit. The country passed a law protecting healthcare-related information, and not much else. It then passed a law protecting video rental information, and not much else. It continued this way, repeatedly passing sector-specific laws while failing to address a problem … [Read more...]

New Consumer Online Privacy Rights Act (COPRA) would empower American users

Despite the already dizzying number of comprehensive data privacy proposals before the US Senate—nearly 10 have been introduced since mid-2018—yet another bill has entered the conversation: the Consumer Online Privacy Rights Act. This time, the bill, called COPRA for short, is sponsored by a Democratic Senator from Washington whose name has rarely been cited in the country’s ongoing debate as … [Read more...]

Insurance data security laws skirt political turmoil

Across the United States, a unique approach to lawmaking has proved radically successful in making data security stronger for one industry—insurance providers. The singular approach has entirely sidestepped the prolonged, political arguments that have become commonplace when trying to pass federal and state data privacy laws today. In California, for example, Big Tech lobbying groups have … [Read more...]

CEOs offer their own view of a US data privacy law

Last week, the chief executives of more than 50 mid- and large-sized companies urged Congress to pass a national data privacy law to regulate how companies collect, use, and share Americans’ data. Buried deep within the chief executives’ recommendations for such a law, presented as a policy framework for guidance, was a convenient proposal: Private individuals should not be allowed to sue … [Read more...]

Maine governor signs ISP privacy bill

Less than one week after Maine Governor Janet Mills received one of the nation’s most privacy-protective state bills on her desk, she signed it into law. The move makes Maine the latest US state to implement its own online privacy protections. The law, which will go into effect July 1, 2020, blocks Internet service providers (ISPs) from selling, sharing, or granting third parties access to … [Read more...]

The top six takeaways for corporate data privacy compliance

For nearly two months, Malwarebytes Labs has led readers on a journey through data privacy laws around the world, exploring the nuances between “personal information” and “personal data,” as well as between data breach notification laws in Florida, Utah, California, and Iowa. We explored the risks of jumping into the global data privacy game, comparing the European Union’s laws with the laws … [Read more...]